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DETAILED ACTION 

1 . This action is responding to application amendments filed 2-10-2009. 

2. Claims 1 - 42 are pending. Claims 1, 15, 29 are independent. This application 
was filed on 9-9-2003. 

Response to Arguments 

3. Applicant's arguments have been fully considered but were not persuasive. 

3.1 For claim 1 , the claim limitation for the first PHY channel specifies a channel 
between the access point and originating access device. For claim 1 , the claim 
limitation for the third PHY channel specifies a channel between the access point and 
originating access device. For claim 1 , there is no limitation that restricts the second 
PHY channel between the access point and the originating access device. Claim 1 
limitation states: "authenticating said communication session by authenticating said 
access using a second PHY channel". The result of this communication channel is to 
authenticate access for communications over the third PHY channel. 

The control channel or second PHY channel is used to authenticate the originating 
access device. Figure 4 of the application discloses that the client transmits a client 
identity such as a password to an authentication server for authentication. Paragraph 
[0025] of the specification discloses that authentication information is transferred to an 
authentication server using a second PHY channel. The Weatherspoon prior art 
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disclosing the usage of an authentication server appears to be equivalent to 
application's usage of an authentication server. 

3.2 Each obviousness combination indicates the claim limitation the combined prior 
art references teaches, In addition, a cited passage from the referenced prior art 
indicates the motivation for the obviousness combination. Each obviousness 
combination's disclosure is equivalent to Applicant's claim iimitation(s) for the claimed 
invention. 

3.3 The authentication process enables access to any device on the wired LAN 
including the originating access device. This particular access to any wired device 
includes establishing a data channel between the ASP and any device including the 
originating access device. (Weatherspoon col 5, lines 29-34: access between AP and 
any device including originating access device) 

Previous R esponses: 

The Weatherspoon prior art discloses a first channel for authentication initiation 
(request), (see Weatherspoon col. 4, lines 23-29: plurality of APs and corresponding 
devices; col. 4, lines 32-37: establishes a communications channel) The Weatherspoon 
prior art discloses a second channel for authentication information, (see Weatherspoon 
col. 5, lines 12-19: if the wireless device is valid the AP establishes a control channel 
with the authentication server; transmits encrypted authentication messages that 
includes operator's logon name and password) And, the Weatherspoon prior art 
discloses a third channel for hosting (data transfers) a communications session, (see 



Application/Control Number: 10/658,310 Page 4 

Art Unit: 2436 

Weatherspoon col. 5, lines 29-37: authentication server validates both the AP and 
operator, authentication server will enable access to the wired LAN) 

The Chandrashekhar prior art discloses a communications link between two 
network nodes to request the initiation and setup of a communications session. 
Chandrashekhar discloses a communications link between two network nodes to 
perform an authentication procedure. And, the Chandrashekhar prior art discloses a 
communications link between two network nodes for the transmission and receipt of 
communications data (a session). In addition, the Chandrashekhar prior art discloses 
communications completed over a wireless communications network using access 
points, (see Chandrashekhar paragraph [0112], lines 1-5; paragraph [0112], lines 27- 
28) 

The successful responses to arguments for independent claims, also successfully 
respond to the current arguments against the dependent claims. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

5. Claims 1, 6 - 9, 12 - 15, 20 - 23, 26 - 29, 34 - 37, 40 - 42 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Chandrashekhar et al. (US PGPUB No. 
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20030140131) in view of Giniger et al. (US Patent No. 6,751,729) and further in view of 
Weatherspoon et al. (US Patent No. 7,174,564). 

With Regards to Claims 1,15, 29, Chandrashekhar discloses a method, machine- 
readable storage having stored upon a computer program having at least one code 
section, system for multiple encryption in a multi-band multi-protocol hybrid 
wired/wireless network, the method comprising: receiving on a first PHY channel of an 
access point, a request for initiation of a communication session from an originating 
access device; authenticating said communication session by authenticating said 
access using a second PHY channel; and hosting said communication session over a 
third PHY channel , said third PHY channel established between said access point and 
said originating access device, (see Chandrashekhar paragraph [0054], lines 3-5; 
paragraph [0054], lines 10-12: hybrid communications network; paragraph [0040], lines 
4-6; paragraph [0108], lines 1-5: wireless/wired communications; paragraph [0056], 
lines 1-3: request for communications service; paragraph [0048], lines 1-7: software, 
implementation means); Figure 3; paragraph [0112], lines 1-5; paragraph [0112], lines 
27-28: access point communications device(s)) Chandrashekhar does not specifically 
disclose whereby authenticating said originating access device. However, Giniger 
discloses wherein authenticating said originating access device, (see Giniger col. 3, 
lines 21-25: VPN (tunnel) communications; col. 4, lines 59-67; col. 5, lines 6-10; col. 15, 
lines 27-33: authentication, network device) 

It would have been obvious to one of ordinary skill in the art to modify 
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Chandrashekhar to authenticate a network device (an originating access device) as 
taught by Giniger. One of ordinary skill in the art would have been motivated to employ 
the teachings of Giniger for selection of the optimum path based on security policy, 
setup conditions and routing parameters to optimized bandwidth, save time, and reduce 
operating costs, (see Giniger col. 6, lines 31-38) 

In addition, Weatherspoon discloses wherein a method, machine-readable storage 
having stored upon a computer program having at least one code section, system for 
multiple encryption in a multi-band multi-protocol hybrid wired/wireless network, the 
method comprising: receiving on a first PHY channel of an access point, a request for 
initiation of a communication session from an originating access device (see 
Weatherspoon col. 4, lines 23-29: plurality of APs and corresponding devices; col. 4, 
lines 32-37: establishes a communications channel); authenticating said communication 
session by authenticating said access using a second PHY channel (see Weatherspoon 
col. 5, lines 12-19: if the wireless device is valid the AP establishes a control channel 
with the authentication server; transmits encrypted authentication messages that 
includes operator's logon name and password); and hosting said communication 
session over a third PHY channel, said third PHY channel established between said 
access point and said originating access device, (see Weatherspoon col. 5, lines 29-37: 
authentication server will enable access to the wired LAN by establishing a data 
channel between the AP and any other device on the wired LAN) 
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It would have been obvious to one of ordinary skill in the art to modify 
Chandrashekharto enable a first, second, and third communication channel for 
authentication and data transfers as taught by Weatherspoon. One of ordinary skill in 
the art would have been motivated to employ the teachings of Weatherspoon for a 
secure wireless local area network that is inexpensive, easy to set up, fast, and reliable, 
(see Weatherspoon col. 3, lines 9-1 1 ) 

With Regards to Claims 6, 20, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 1,15, comprising receiving an identification of said 
originating access device by said access point, (see Chandrashekhar paragraph [0073], 
lines 13-16: identification for originating device, user; paragraph [0037], lines 4-15: 
access network (i.e. access point)) 

With Regards to Claims 7, 21, 35, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having one code section, 
system according to claims 6, 20, 34, wherein said identity of said originating access 
device is one or more of a WEP key, a MAC address, and/or an IP address, (see 
Chandrashekhar paragraph [0073], lines 13-16; paragraph [0082], lines 14-16: IP 
address utilized as identification) 

With Regards to Claims 8, 22, Chandrashekhar discloses the method, machine- 
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readable storage having stored upon a computer program having at least one code 
section according to claims 1,15, comprising acknowledging said received request on 
said first PHY channel, (see Chandrashekhar paragraph [0057], lines 3-7: response to 
received request (i.e. response, ACK)) 

With Regards to Claims 9, 23, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 1, 15, comprising determining a type of traffic generated by 
said originating access device on said first PHY channel, (see Chandrashekhar 
paragraph [0028], lines 13-15: type of traffic, VPN; paragraph [0054], lines 7-12: 
between communications endpoints) 

With Regards to Claims 12, 26, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 1,15, further comprising establishing at least one virtual 
channel between said originating access device and a terminating access device, (see 
Chandrashekhar paragraph [0054], lines 7-12: establish circuit between originating 
device and terminating device (i.e. endpoints, communications circuit); paragraph 
[0040], lines 4-6: dial-up user, physical circuit)) 

With Regards to Claims 13, 27, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
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section according to claims 12, 26, comprises tunneling information between said 
originating access device and said terminating access device, (see Chandrashekhar 
paragraph [0032], lines 2-5; paragraph [0054], lines 7-12; paragraph [0081], lines 7-9: 
tunneling between originating and termination devices (i.e. endpoints)) 

With Regards to Claims 14, 28, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 12, 26, comprising establishing at least a portion of said at 
least one virtual channel over at least a portion of one of said first PHY channel, said 
second PHY channel or said third PHY channel, (see Chandrashekhar paragraph 
[0028], lines 13-15; paragraph [0054], lines 7-12: virtual channel between originating 
and terminating devices (i.e. VPN tunnel, virtual channel endpoints)) 

With Regards to Claim 34, Chandrashekhar discloses the system according to claim 
29, wherein said at least one receiver is adapted to receive an identification of said 
originating access device by said access point, (see Chandrashekhar paragraph [0073], 
lines 13-16: identification for originating device, user; paragraph [0037], lines 4-15: 
access network (i.e. access point)) 

With Regards to Claim 36, Chandrashekhar discloses the system according to claim 
29, wherein said at least one receiver is adapted to acknowledge said received request 
on said first PHY channel, (see Chandrashekhar paragraph [0057], lines 3-7: response 
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to received request (i.e. response, ACK)) 
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With Regards to Claim 37, Chandrashekhar discloses the system according to claim 
29, wherein said at least one authenticator is adapted to determine a type of traffic 
generated by said originating access device on said first PHY channel, (see 
Chandrashekhar paragraph [0028], lines 13-15: type of traffic, VPN; paragraph [0054], 
lines 7-12: between communications endpoints) 

With Regards to Claim 40, Chandrashekhar discloses the system according to claim 
29, wherein at least one receiver is adapted to establish at least one virtual channel 
between said originating access device and a terminating access device, (see 
Chandrashekhar paragraph [0054], lines 7-12: establish circuit between originating 
device and terminating device (i.e. endpoints, communications circuit); paragraph 
[0040], lines 4-6: dial-up user, physical circuit)) 

With Regards to Claim 41, Chandrashekhar discloses the system according to claim 
40, wherein said at least one receiver is adapted to tunnel information between said 
originating access device and said terminating access device, (see Chandrashekhar 
paragraph [0032], lines 2-5; paragraph [0054], lines 7-12; paragraph [0081], lines 7-9: 
tunneling between originating and termination devices (i.e. endpoints)) 

With Regards to Claim 42, Chandrashekhar discloses the method, machine-readable 
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storage having stored upon a computer program having at least one code section, 
system according to claims 40, wherein said at least one receiver is adapted to 
establish at least a portion of said at least one virtual channel over at least a portion of 
one of said first PHY channel, said second PHY channel and/or said third PHY channel, 
(see Chandrashekhar paragraph [0028], lines 13-15; paragraph [0054], lines 7-12: 
virtual channel between originating and terminating devices (i.e. VPN tunnel, virtual 
channel endpoints)) 

6. Claims 2 - 5, 10, 11,16- 19, 24, 25, 30 - 33, 38, 39 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Chandrashekhar-Giniger-Weatherspoon 
and further in view of He et al. (US Patent No. 6,088,451). 

With Regards to Claims 2, 16, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 1,15. (see Chandrashekhar paragraph [0054], lines 7-12; 
paragraph [0081], lines 7-9: communications between endpoints; paragraph [0048], 
lines 1-7: software, implementation means) Chandrashekhar does not specifically 
disclose generating at least one encryption/decryption key. However, He discloses 
wherein further comprising generating at least one encryption/decryption key for use 
during said communication session, (see He col. 18, lines 2-5; col. 19, lines 8-11; col. 
20, lines 57-61: generation encryption/decryption key) 

It would have been obvious to one of ordinary skill in the art to modify 
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Chandrashekhar for the generation of an encryption/decryption key as taught by He. 
One of ordinary skill in the art would have been motivated to employ the teachings of He 
for a network-wide centralized user administration and authentication, credential 
management and network element access, (see He col.1 , lines 59-63) 

With Regards to Claims 3, 17, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 2, 17, wherein said authenticating comprises requesting 
authentication information from an authentication server, (see Chandrashekhar 
paragraph [0041], lines 1-5; paragraph [0057], lines 1-3: utilizing an authentication 
server for authorization) 

With Regards to Claims 4, 18, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 3, 17, wherein said authenticating comprises delivering at 
least a portion of said authentication information received from said authentication 
server to said originating access device via said second PHY channel, (see 
Chandrashekhar paragraph [0057], lines 3-7: appropriate indication returned to user) 

With Regards to Claims 5, 19, 33, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section, system according to claims 4, 18, 32. (see Chandrashekhar paragraph [0054], 
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lines 7-12; paragraph [0081], lines 7-9: communications between endpoints) 
Chandrashekhar does not specifically disclose delivering said encryption/decryption 
key. However, He discloses wherein comprising delivering said at least one 
encryption/decryption key to said originating access device via one of said first PHY 
channel or said second PHY channel, (see He col. 18, lines 2-5; col. 19, lines 8-11; col. 
20, lines 57-61: delivering encryption/decryption key; Figure 3) 

It would have been obvious to one of ordinary skill in the art to modify 
Chandrashekhar for delivery of an encryption/decryption key as taught by He. One of 
ordinary skill in the art would have been motivated to employ the teachings of He for a 
network-wide centralized user administration and authentication, credential 
management and network element access, (see He col.1 , lines 59-63) 

With Regards to Claims 10, 24, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section according to claims 9, 23, further comprising at least one key dependent on said 
determined traffic type, (see Chandrashekhar paragraph [0054], lines 7-12; paragraph 
[0081], lines 7-9: communications between endpoints; paragraph [0028], lines 13-15: 
virtual channel between originating and terminating device (i.e. VPN tunnel, virtual 
channel endpoints): key utilized for VPN type traffic, encryption key parameter) 
Chandrashekhar does not specifically disclose generating at least one 
encryption/decryption key. However, He discloses wherein comprising generating at 
least one encryption/decryption key. (see He col. 1 8, lines 2-5; col. 1 9, lines 8-1 1 ; col. 
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20, lines 57-61: generation encryption/decryption key) 

It would have been obvious to one of ordinary skill in the art to modify 
Chandrashekhar for generation of an encryption/decryption key as taught by He. One 
of ordinary skill in the art would have been motivated to employ the teachings of He for 
a network-wide centralized user administration and authentication, credential 
management and network element access, (see He col.1 , lines 59-63) 

With Regards to Claims 11, 25, 39, Chandrashekhar discloses the method, machine- 
readable storage having stored upon a computer program having at least one code 
section, system according to claims 10, 24, 38. (see Chandrashekhar paragraph [0054], 
lines 7-12; paragraph [0081], lines 7-9: communications between endpoints) 
Chandrashekhar does not specifically disclose the distribution of generated 
encryption/decryption key. However, He discloses wherein comprising distributing said 
generated at least one encryption/decryption key via at one or both of said second PHY 
channel and/or said third PHY channel, (see He col. 1 8, lines 2-5; col. 1 9, lines 8-1 1 ; 
col. 20, lines 57-61 : delivering (i.e. distributing) generated encryption/decryption key; 
Figure 3) 

It would have been obvious to one of ordinary skill in the art to modify 
Chandrashekhar for generation of an encryption/decryption key as taught by He. One 
of ordinary skill in the art would have been motivated to employ the teachings of He for 
a network-wide centralized user administration and authentication, credential 
management and network element access, (see He col.1 , lines 59-63) 
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With Regards to Claim 30, Chandrashekhar discloses the method, machine-readable 
storage having stored upon a computer program having at least one code section, 
system according to claim 29. (see Chandrashekhar paragraph [0054], lines 7-12; 
paragraph [0081], lines 7-9: communications between endpoints; paragraph [0048], 
lines 1 -7: software, implementation means) Chandrashekhar does not specifically 
disclose generating at least one encryption/decryption key. However, He discloses 
wherein further comprising generating at least one encryption/decryption key for use 
during said communication session, (see He col. 1 8, lines 2-5; col. 1 9, lines 8-1 1 ; col. 
20, lines 57-61: generation encryption/decryption key) 

It would have been obvious to one of ordinary skill in the art to modify 
Chandrashekhar for generation of an encryption/decryption key as taught by He. One 
of ordinary skill in the art would have been motivated to employ the teachings of He for 
a network-wide centralized user administration and authentication, credential 
management and network element access, (see He col.1 , lines 59-63) 

With Regards to Claim 31, Chandrashekhar discloses the system according to claim 
30, wherein said at least one authenticator is adapted to request authentication 
information, (see Chandrashekhar paragraph [0041], lines 1-5; paragraph [0057], lines 
1-3: utilizing an authentication server for authorization) 

With Regards to Claim 32, Chandrashekhar discloses the system according to claim 
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31 , wherein said authenticator is adapted to deliver at least a portion of said 
authentication information received from said authentication server to said originating 
access device via said second PHY channel, (see Chandrashekhar paragraph [0057], 
lines 3-7: appropriate indication returned to user) 

With Regards to Claim 38, Chandrashekhar discloses the system according to claims 
37, wherein said at least one authenticator is adapted further comprising at least one 
key dependent on said determined traffic type, (see Chandrashekhar paragraph [0054], 
lines 7-12; paragraph [0081], lines 7-9: communications between endpoints; paragraph 
[0028], lines 13-15: virtual channel between originating and terminating device (i.e. VPN 
tunnel, virtual channel endpoints): key utilized for VPN type traffic, encryption key 
parameter) Chandrashekhar does not specifically disclose generating at least one 
encryption/decryption key. However, He discloses wherein said at least one 
authenticator is adapted to generate at least one encryption/decryption key. (see He 
col. 18, lines 2-5; col. 19, lines 8-1 1 ; col. 20, lines 57-61 : generation 
encryption/decryption key) 

It would have been obvious to one of ordinary skill in the art to modify 
Chandrashekhar for generation of an encryption/decryption key as taught by He. One 
of ordinary skill in the art would have been motivated to employ the teachings of He for 
a network-wide centralized user administration and authentication, credential 
management and network element access, (see He col.1 , lines 59-63) 
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Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action, in the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carlton V. Johnson whose telephone number is 571- 
270-1032. The examiner can normally be reached on Monday thru Friday , 8:00 - 
5:00PM EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
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Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Nasser G Moazzami/ Carlton V. Johnson 

Supervisory Patent Examiner, Art Unit 2436 Examiner 

Art Unit 2436 



CVJ 

April 27, 2009 



